fix(cf-workers): add missing function

[jog1t]

Fixes #1323
Fixes KIT-326

TL;DR

Added getOrCreateInspectorAccessToken implementation to CloudflareActorsManagerDriver and exported the generateRandomString utility.

What changed?

• Implemented the getOrCreateInspectorAccessToken method in the CloudflareActorsManagerDriver class, which returns a randomly generated string
• Imported generateRandomString in the manager-driver.ts file
• Exported generateRandomString from the driver-helpers module
• Changed the JSDoc annotation for getOrCreateInspectorAccessToken from @internal to @experimental

How to test?

1. Verify that the CloudflareActorsManagerDriver correctly implements the ManagerDriver interface
2. Test that getOrCreateInspectorAccessToken() returns a random string when called
3. Confirm that generateRandomString can be imported from the driver-helpers module

Why make this change?

This change completes the implementation of the ManagerDriver interface in the CloudflareActorsManagerDriver class by adding the missing getOrCreateInspectorAccessToken method. The method is marked as experimental, indicating it's available for use but the API might change in future versions. Exporting the generateRandomString utility makes it available for other components that need to generate random strings.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Preview	Comments	Updated (UTC)
rivetkit-serverless	Ready	Preview	Comment	Oct 1, 2025 5:26pm

[claude]

Claude finished @jog1t's task —— View job

---

PR Review: CloudflareActorsManagerDriver Missing Function Implementation

Review Checklist

• Read repository guidelines (CLAUDE.md)
• Analyze changed files and implementation
• Review code quality and best practices
• Check for potential bugs or issues
• Evaluate performance considerations
• Assess security concerns
• Review test coverage needs
• Provide comprehensive feedback

---

✅ Overall Assessment: LGTM with Minor Security Consideration

This PR successfully implements the missing getOrCreateInspectorAccessToken() method in the CloudflareActorsManagerDriver. The implementation is consistent with other driver implementations and follows the project's conventions.

---

📋 Code Quality & Best Practices

✅ Excellent:

• Consistent implementation: Matches the exact pattern used in RemoteManagerDriver (packages/rivetkit/src/remote-manager-driver/mod.ts:272)
• Proper imports: Correctly imports generateRandomString from the rivetkit driver-helpers module
• Export structure: Properly exports generateRandomString in the driver-helpers module (packages/rivetkit/src/driver-helpers/mod.ts:3)
• Documentation: Appropriately changed JSDoc from @internal to @experimental in the interface definition

✅ Code Style Compliance:

• Follows project naming conventions (camelCase for function names)
• Uses existing utility functions rather than reimplementing logic
• Maintains consistent indentation and formatting

---

🐛 Potential Issues: None Identified

The implementation is straightforward and doesn't introduce any apparent bugs. The function signature matches the interface requirement and returns the expected string type.

---

⚡ Performance Considerations

✅ Efficient Implementation:

• generateRandomString() uses Math.random() which is fast for non-cryptographic purposes
• No unnecessary computations or memory allocations
• Function is stateless and lightweight

---

🔒 Security Concerns

⚠️ Minor Consideration:
The current implementation uses generateRandomString() which relies on Math.random() (packages/rivetkit/src/actor/utils.ts:97-106). While this is consistent with other driver implementations, it's worth noting:

• Non-cryptographic randomness: Math.random() is not cryptographically secure
• Inspector tokens: These tokens are used for inspector access authentication (packages/rivetkit/src/inspector/utils.ts:46)

Recommendation: Consider whether inspector access tokens require cryptographic security. If so, the existing generateSecureToken() function (packages/rivetkit/src/actor/utils.ts:87-95) would be more appropriate as it uses crypto.getRandomValues().

However, this is not a blocking issue since:

1. Other driver implementations use the same approach
2. The decision should be made project-wide, not just for Cloudflare Workers
3. Inspector tokens may be intended for development/debugging rather than production security

---

🧪 Test Coverage

Gap Identified:

• No existing tests found for getOrCreateInspectorAccessToken() in any driver implementation
• No tests specifically for CloudflareActorsManagerDriver

Recommendation: While not required for this PR, consider adding integration tests that verify:

// Suggested test case
it('should return consistent inspector access tokens', () => {
  const driver = new CloudflareActorsManagerDriver();
  const token1 = driver.getOrCreateInspectorAccessToken();
  const token2 = driver.getOrCreateInspectorAccessToken();
  
  expect(typeof token1).toBe('string');
  expect(token1.length).toBeGreaterThan(0);
  // Note: tokens should be different each time for security
  expect(token1).not.toBe(token2);
});

---

📝 Minor Suggestions

1. Documentation Enhancement: Consider adding a brief comment above the implementation explaining the purpose:

   /**
    * Generate a new inspector access token for this session.
    * Each call returns a fresh random token.
    */
   getOrCreateInspectorAccessToken() {
     return generateRandomString();
   }

2. Consistency Check: Verify that the "create" aspect of "getOrCreateInspectorAccessToken" is intentionally not implemented. The current implementation only "creates" but doesn't "get" existing tokens, unlike the file system driver which persists tokens.

---

✅ Summary

This is a solid, straightforward implementation that:

• ✅ Completes the ManagerDriver interface implementation
• ✅ Follows established patterns from other drivers
• ✅ Adheres to project coding standards
• ✅ Uses appropriate utility functions
• ✅ Maintains API consistency

The PR is ready for merge. The minor security consideration about random number generation is a project-wide architectural decision that shouldn't block this specific fix.

Final Recommendation: Approve and merge 🚀

---

[jog1t]

• fix(cf-workers): add missing function #1324 👈 (View in Graphite)
• main

---

How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

• merge queue - adds this PR to the back of the merge queue
• hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

[pkg-pr-new]

More templates

• example-ai-agent
• example-better-auth-external-db
• chat-room
• example-cloudflare-workers
• example-cloudflare-workers-hono
• counter
• example-crdt
• example-database
• example-sqlite
• example-elysia
• example-express
• example-game
• example-hono
• example-hono-react
• example-next-js
• example-rate
• example-raw-fetch-handler
• example-raw-websocket-handler-proxy
• example-react
• starter
• example-stream
• example-sync
• example-tenant
• example-trpc

@rivetkit/actor

pnpm add https://pkg.pr.new/rivet-dev/rivetkit/@rivetkit/actor@1324

@rivetkit/cloudflare-workers

pnpm add https://pkg.pr.new/rivet-dev/rivetkit/@rivetkit/cloudflare-workers@1324

@rivetkit/core

pnpm add https://pkg.pr.new/rivet-dev/rivetkit/@rivetkit/core@1324

@rivetkit/db

pnpm add https://pkg.pr.new/rivet-dev/rivetkit/@rivetkit/db@1324

@rivetkit/framework-base

pnpm add https://pkg.pr.new/rivet-dev/rivetkit/@rivetkit/framework-base@1324

@rivetkit/next-js

pnpm add https://pkg.pr.new/rivet-dev/rivetkit/@rivetkit/next-js@1324

@rivetkit/react

pnpm add https://pkg.pr.new/rivet-dev/rivetkit/@rivetkit/react@1324

rivetkit

pnpm add https://pkg.pr.new/rivet-dev/rivetkit@1324

@rivetkit/sql-loader

pnpm add https://pkg.pr.new/rivet-dev/rivetkit/@rivetkit/sql-loader@1324

commit: 2072f7e

[graphite-app]

Merge activity

• Oct 1, 5:55 PM UTC: NathanFlurry added this pull request to the Graphite merge queue.
• Oct 1, 5:55 PM UTC: CI is running for this pull request on a draft pull request (#1326) due to your merge queue CI optimization settings.
• Oct 1, 5:56 PM UTC: Merged by the Graphite merge queue via draft PR: #1326.

[linear]

KIT-326 managerDriver.getOrCreateInspectorAccessToken is not a function